With unprepared companies often choosing to pay rather than lose their data, ransomware attacks continue to be a growth market for cybercriminals, with 2021 being another record setting year. Taking advantage of both user error and already existing breaches, these attacks can all but shut down even major companies, with Acer, Colonial Pipeline, and Deloitte all finding themselves suffering major disruptions, according to an article in Security Magazine.
For many attacks, the focus is increasingly on targeting unpatched vulnerabilities that allow for remote execution of malicious code. And the number of unpatched vulnerabilities only seems to be growing, with thousands of vulnerabilities being disclosed each year, and IT departments often struggling to keep up. With methods to address ransomware attacks often relying on blocking (via firewalls or intrusion detection systems) or processing logs (to trigger defensive actions), there can often be large gaps between when an event starts and when it’s detected.
To help close these gaps, deterministic protection technology can be used. Taking advantage of the behavior of known applications, the technology creates a map of the application’s expected paths and activities. In the event that the software is found to deviate from that expected path, the technology flags the event, and performs a pre-determined action to protect against the unexpected behavior, blocking further action by the application, and ideally locking out further action by the malicious code.
Source:
